Snort mailing list archives

Re: Snort Tests?

From: Keith A. Glass <salgak () speakeasy net>
Date: Wed, 17 Jul 2013 11:14:17 EDT

Well, if you're looking to embed full-up testing, I'd think that was overkill.  That, of course, will depend on the 
resources available to 
your embedded system: I have little expertise there.   I'd think more along the lines of maybe a customized test tool 
packaged separately.

Or just a suggested suite of tests from a standardized security distribution, i.e. BackTrack, Helix, etc. . 

On Wed Jul 17 11:03 , mulhern  sent:

nmap scan is a good place to start.

More background: I'm setting up some security functionality for the Yocto project (which is for embedded systems) and 
it won't be able to

include full functionality. It must all be open source, so VRT rules not allowed and so forth. I need to target the 
functionality that it 
will offer entirely under an open-source license.


Given that, what do you think?
Thanks!


On Wed, Jul 17, 2013 at 10:17 AM, Keith A. Glass <salgak () speakeasy net> wrote:

On Wed Jul 17 10:02 , mulhern  sent:

Supposing you have Snort up and running is their any set of available standard tests that you can run to see if it is 
actually working?

Do a full-up nmap scan ?  If you want to do a wide spectrum test, there's Metasploit (free) or Karollon (commercial)

Or find a friendly CEH and ask to borrow his course DVDs: we all have 4 or so DVDs worth of somewhat-dated hacking 
tools if they took the
official curriculum. . .





------------------------------------------------------------------------------
See everything from the browser to the database with AppDynamics
Get end-to-end visibility with application monitoring from AppDynamics
Isolate bottlenecks and diagnose root cause in seconds.
Start your free trial of AppDynamics Pro today!
http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

Current thread:

Snort Tests? mulhern (Jul 17)
- Re: Snort Tests? Lawrence Teo (Jul 17)
- Re: Snort Tests? waldo kitty (Jul 17)
  - Re: Snort Tests? mulhern (Jul 19)
- <Possible follow-ups>
- Re: Snort Tests? Keith A . Glass (Jul 17)
  - Re: Snort Tests? mulhern (Jul 17)
    - Re: Snort Tests? Joel Esler (Jul 17)
    - Re: Snort Tests? mulhern (Jul 17)
- Re: Snort Tests? Keith A . Glass (Jul 17)
  - Re: Snort Tests? mulhern (Jul 17)